ada: upstream

Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
2026-02-08 22:27:39 +03:00 · 2026-02-08 22:27:39 +03:00 · a50ae76a23
commit a50ae76a23
parent e3e1612691
74 changed files with 130 additions and 387 deletions
--- a/ada/boot/initrd.nix
+++ b/ada/boot/initrd.nix
@ -1,4 +1,4 @@
-{lib, ...}: {
+_: {
  boot = {
    initrd = {
      availableKernelModules = [
@ -14,9 +14,9 @@
      ];

      supportedFilesystems = {
+        ntfs = true;
        vfat = true;
        btrfs = true;
-        zfs = lib.mkForce true;
      };

      kernelModules = [
--- a/ada/boot/kernel.nix
+++ b/ada/boot/kernel.nix
@ -1,7 +1,6 @@
 {
  config,
  pkgs,
-  lib,
  ...
 }: {
  boot = {
@ -17,7 +16,7 @@
      };
    };

-    kernelPackages = pkgs.linuxPackages_cachyos-gcc;
+    kernelPackages = pkgs.linuxPackages_latest;
    extraModulePackages = with config.boot.kernelPackages; [
      zenpower
      v4l2loopback
@ -32,7 +31,6 @@
    ];

    kernelParams = [
-      "video=DP-1:2560x1440@165"
      "amd_pstate=guided"
      "udev.log_priority=3"
      "quiet"
@ -45,6 +43,7 @@
      "page_alloc.shuffle=1"
      "page_poison=1"
      "slab_nomerge"
+      "zswap.enabled=0"

      "kernel.watchdog=0"
      "oops=panic"
@ -68,6 +67,7 @@
      "hfs"
      "hpfs"
      "jfs"
+      "zfs"
      "minix"
      "nilfs2"
      "ntfs"
@ -81,9 +81,9 @@
    ];

    supportedFilesystems = {
+      ntfs = true;
      vfat = true;
      btrfs = true;
-      zfs = lib.mkForce true;
    };

    consoleLogLevel = 0;
--- a/ada/boot/lanzaboote.nix
+++ b/ada/boot/lanzaboote.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  boot = {
    lanzaboote = {
      enable = true;
--- a/ada/boot/loader/systemd-boot.nix
+++ b/ada/boot/loader/systemd-boot.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  boot = {
    loader = {
      systemd-boot = {
--- a/ada/boot/tmp.nix
+++ b/ada/boot/tmp.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  boot = {
    tmp = {
      useTmpfs = true;
--- a/ada/boot/zfs.nix
+++ b/ada/boot/zfs.nix
@ -1,9 +0,0 @@
-{pkgs, ...}: {
-  boot = {
-    zfs = {
-      package = pkgs.zfs_cachyos;
-      allowHibernation = false;
-      removeLinuxDRM = false;
-    };
-  };
-}
--- a/ada/console/console.nix
+++ b/ada/console/console.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  console = {
    useXkbConfig = true;
  };
--- a/ada/default.nix
+++ b/ada/default.nix
@ -6,7 +6,6 @@
    "${self}/ada/boot/plymouth.nix"
    "${self}/ada/boot/tmp.nix"
    "${self}/ada/boot/loader/systemd-boot.nix"
-    "${self}/ada/boot/zfs.nix"

    "${self}/ada/disko/disk.nix"
    "${self}/ada/disko/lvm_vg.nix"
@ -19,9 +18,10 @@
    "${self}/ada/hardware/amdgpu.nix"
    "${self}/ada/hardware/cpu.nix"
    "${self}/ada/hardware/graphics.nix"
-    "${self}/ada/hardware/openrazer.nix"
    "${self}/ada/hardware/qmk.nix"
    "${self}/ada/hardware/zram.nix"
+    "${self}/ada/hardware/bluetooth.nix"
+    "${self}/ada/hardware/"

    "${self}/ada/home-manager/users.nix"

@ -70,14 +70,12 @@
    "${self}/ada/services/qmk.nix"
    "${self}/ada/services/scx.nix"
    "${self}/ada/services/xserver.nix"
-    "${self}/ada/services/zapret.nix"
-    "${self}/ada/services/zerotier.nix"
-    "${self}/ada/services/yggdrasil.nix"
    "${self}/ada/services/sunshine.nix"
    "${self}/ada/services/usbmuxd.nix"
    "${self}/ada/services/irqbalance.nix"
    "${self}/ada/services/yubikey-agent.nix"
    "${self}/ada/services/resolved.nix"
+    "${self}/ada/services/firewalld.nix"

    "${self}/ada/sops/defaults.nix"
    "${self}/ada/sops/secrets.nix"
@ -102,8 +100,6 @@
    "${self}/ada/users/users/root.nix"
    "${self}/ada/users/mutableUsers.nix"

-    "${self}/ada/virtualisation/docker.nix"
-
    "${self}/ada/xdg/icons.nix"
    "${self}/ada/xdg/mime.nix"
    "${self}/ada/xdg/portal.nix"
--- a/ada/disko/disk.nix
+++ b/ada/disko/disk.nix
@ -22,6 +22,7 @@
                  ];
                };
              };
+
              luks = {
                size = "100%";
                content = {
--- a/ada/environment/variables.nix
+++ b/ada/environment/variables.nix
@ -1,7 +1,7 @@
 {config, ...}: {
  environment = {
    variables = {
-      AMD_VULKAN_ICD = "RADV";
+      AMD_VULKAN_ICD = "AMDVLK";
      HOSTNAME = config.networking.hostName;
      QT_QPA_PLATFORM = "wayland";
      SDL_VIDEODRIVER = "wayland";
--- a/ada/hardware/amdgpu.nix
+++ b/ada/hardware/amdgpu.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  hardware = {
    amdgpu = {
      initrd = {
--- a/ada/hardware/bluetooth.nix
+++ b/ada/hardware/bluetooth.nix
@ -0,0 +1,7 @@
+_: {
+  hardware = {
+    bluetooth = {
+      enable = true;
+    };
+  };
+}
--- a/ada/hardware/cpu.nix
+++ b/ada/hardware/cpu.nix
@ -1,6 +1,5 @@
-{...}: {
+_: {
  hardware = {
-    enableRedistributableFirmware = true;
    cpu = {
      amd = {
        updateMicrocode = true;
--- a/ada/hardware/default.nix
+++ b/ada/hardware/default.nix
@ -0,0 +1,8 @@
+_: {
+  hardware = {
+    enableAllFirmware = true;
+    enableAllHardware = true;
+    enableRedistributableFirmware = true;
+    firmwareCompression = "zstd";
+  };
+}
--- a/ada/hardware/graphics.nix
+++ b/ada/hardware/graphics.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  hardware = {
    graphics = {
      enable = true;
--- a/ada/hardware/openrazer.nix
+++ b/ada/hardware/openrazer.nix
@ -1,15 +0,0 @@
-{...}: {
-  hardware = {
-    openrazer = {
-      enable = false;
-      users = [
-        "hand7s"
-      ];
-
-      batteryNotifier = {
-        enable = true;
-        percentage = 15;
-      };
-    };
-  };
-}
--- a/ada/hardware/qmk.nix
+++ b/ada/hardware/qmk.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  hardware = {
    keyboard = {
      qmk = {
--- a/ada/hardware/zram.nix
+++ b/ada/hardware/zram.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  zramSwap = {
    enable = true;
    algorithm = "zstd";
--- a/ada/home-manager/users.nix
+++ b/ada/home-manager/users.nix
@ -1,20 +1,17 @@
-{
-  inputs,
-  self,
-  ...
-}: {
+{self, ...}: {
  home-manager = {
    users = {
-      hand7s = {
+      "hand7s" = {
        imports = [
          "${self}/hand7s/"
-          inputs.spicetify-nix.homeManagerModules.default
-          inputs.hyprland.homeManagerModules.default
-          inputs.chaotic.homeManagerModules.default
-          inputs.sops-nix.homeManagerModules.sops
+          self.inputs.agenix.homeManagerModules.default
+          self.inputs.spicetify-nix.homeManagerModules.default
+          self.inputs.hyprland.homeManagerModules.default
+          self.inputs.chaotic.homeManagerModules.default
+          self.inputs.sops-nix.homeManagerModules.sops

-          inputs.nix-index-database.homeModules.nix-index
-          inputs.noctalia.homeModules.default
+          self.inputs.nix-index-database.homeModules.nix-index
+          self.inputs.noctalia.homeModules.default
        ];
      };
    };
@ -23,7 +20,6 @@

    extraSpecialArgs = {
      inherit
-        inputs
        self
        ;
    };
--- a/ada/i18n/locales.nix
+++ b/ada/i18n/locales.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  i18n = {
    defaultLocale = "en_US.UTF-8";
    supportedLocales = [
--- a/ada/networking/firewall.nix
+++ b/ada/networking/firewall.nix
@ -1,30 +1,14 @@
-{...}: {
+_: {
  networking = {
    firewall = {
      allowPing = true;
-      enable = true;
+      enable = false;
      checkReversePath = false;
+    };

-      interfaces = {
-        eno1 = rec {
-          allowedTCPPortRanges = [
-            {
-              from = 1714;
-              to = 1764;
-            }
-          ];
-
-          allowedUDPPortRanges = allowedTCPPortRanges;
-        };
-
-        salt-hand7s-pc = rec {
-          allowedTCPPorts = [
-            6567
-          ];
-
-          allowedUDPPorts = allowedTCPPorts;
-        };
-      };
+    nftables = {
+      enable = true;
+      flattenRulesetFile = true;
    };
  };
 }
--- a/ada/networking/hostId.nix
+++ b/ada/networking/hostId.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    hostId = "5c79d468";
  };
--- a/ada/networking/hostname.nix
+++ b/ada/networking/hostname.nix
@ -1,5 +1,5 @@
-{...}: {
+_: {
  networking = {
-    hostName = "s0mePC-nix";
+    hostName = "ada";
  };
 }
--- a/ada/networking/hosts.nix
+++ b/ada/networking/hosts.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    hosts = {
      # nope
--- a/ada/networking/nameservers.nix
+++ b/ada/networking/nameservers.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    nameservers = [
      # cf dns
--- a/ada/networking/networkmanager.nix
+++ b/ada/networking/networkmanager.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    networkmanager = {
      enable = false;
--- a/ada/networking/timeServers.nix
+++ b/ada/networking/timeServers.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    timeServers = [
      "0.nixos.pool.ntp.org"
--- a/ada/networking/wireguard.nix
+++ b/ada/networking/wireguard.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  networking = {
    wireguard = {
      enable = true;
--- a/ada/nix/settings/allowed-users.nix
+++ b/ada/nix/settings/allowed-users.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      sandbox = true;
--- a/ada/nix/settings/auto-optimise-store.nix
+++ b/ada/nix/settings/auto-optimise-store.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      auto-optimise-store = true;
--- a/ada/nix/settings/experimental-features.nix
+++ b/ada/nix/settings/experimental-features.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      experimental-features = [
--- a/ada/nix/settings/substituters.nix
+++ b/ada/nix/settings/substituters.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      substituters = [
@ -9,10 +9,10 @@
        # cachix
        "https://nix-community.cachix.org/"
        "https://chaotic-nyx.cachix.org/"
-        "https://ags.cachix.org"
        "https://hyprland.cachix.org"
        "https://chaotic-nyx.cachix.org/"
-        "https://colmena.cachix.org"
+        # nix-community
+        "https://hydra.nix-community.org/"
      ];
    };
  };
--- a/ada/nix/settings/trusted-public-keys.nix
+++ b/ada/nix/settings/trusted-public-keys.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      trusted-public-keys = [
--- a/ada/nix/settings/trusted-substituters.nix
+++ b/ada/nix/settings/trusted-substituters.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      trusted-substituters = [
@ -13,7 +13,6 @@
        "https://ags.cachix.org"
        "https://hyprland.cachix.org"
        "https://chaotic-nyx.cachix.org/"
-        "https://colmena.cachix.org"
      ];
    };
  };
--- a/ada/nix/settings/trusted-users.nix
+++ b/ada/nix/settings/trusted-users.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nix = {
    settings = {
      trusted-users = [
--- a/ada/nixpkgs/config.nix
+++ b/ada/nixpkgs/config.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nixpkgs = {
    config = {
      allowUnfree = true;
--- a/ada/nixpkgs/overlays.nix
+++ b/ada/nixpkgs/overlays.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nixpkgs = {
    overlays = [
    ];
--- a/ada/nixpkgs/system.nix
+++ b/ada/nixpkgs/system.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  nixpkgs = {
    system = "x86_64-linux";
    hostPlatform = "x86_64-linux";
--- a/ada/programs/gamemode.nix
+++ b/ada/programs/gamemode.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  programs = {
    gamemode = {
      enable = true;
--- a/ada/programs/gamescope.nix
+++ b/ada/programs/gamescope.nix
@ -2,7 +2,7 @@
  programs = {
    gamescope = {
      enable = true;
-      package = pkgs.gamescope_git;
+      package = pkgs.gamescope;
      args = [
        "-e"
      ];
--- a/ada/programs/nekoray.nix
+++ b/ada/programs/nekoray.nix
@ -1,6 +1,6 @@
-{...}: {
+_: {
  programs = {
-    nekoray = {
+    throne = {
      enable = true;
      tunMode = {
        enable = true;
--- a/ada/programs/nh.nix
+++ b/ada/programs/nh.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  programs = {
    nh = {
      enable = true;
--- a/ada/programs/ssh.nix
+++ b/ada/programs/ssh.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  programs = {
    ssh = {
      startAgent = true;
--- a/ada/programs/yubikey-touch-detector.nix
+++ b/ada/programs/yubikey-touch-detector.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  programs = {
    yubikey-touch-detector = {
      enable = true;
--- a/ada/security/pam/yubico.nix
+++ b/ada/security/pam/yubico.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  security = {
    pam = {
      yubico = {
--- a/ada/security/polkit.nix
+++ b/ada/security/polkit.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  security = {
    polkit = {
      enable = true;
--- a/ada/security/rtkit.nix
+++ b/ada/security/rtkit.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  security = {
    rtkit = {
      enable = true;
--- a/ada/security/sudo-rs.nix
+++ b/ada/security/sudo-rs.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  security = {
    sudo-rs = {
      enable = true;
--- a/ada/services/firewalld.nix
+++ b/ada/services/firewalld.nix
@ -0,0 +1,15 @@
+{...}: {
+  services = {
+    firewalld = {
+      enable = true;
+
+      settings = {
+        # nope
+      };
+
+      zones = {
+        # nope
+      };
+    };
+  };
+}
--- a/ada/services/greetd.nix
+++ b/ada/services/greetd.nix
@ -9,7 +9,7 @@
      restart = false;
      settings = {
        default_session = {
-          command = "${lib.getExe pkgs.tuigreet} -r -t -c ${lib.getExe pkgs.hyprland} --greet-align center";
+          command = "${lib.getExe pkgs.tuigreet} -r -t -c ${lib.getExe' pkgs.hyprland "start-hyprland"} --greet-align center";
          user = "greeter";
        };
      };
--- a/ada/services/irqbalance.nix
+++ b/ada/services/irqbalance.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    irqbalance = {
      enable = true;
--- a/ada/services/libinput.nix
+++ b/ada/services/libinput.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    libinput = {
      enable = true;
--- a/ada/services/netbird.nix
+++ b/ada/services/netbird.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    netbird = {
      enable = true;
--- a/ada/services/openssh.nix
+++ b/ada/services/openssh.nix
@ -5,7 +5,7 @@
      allowSFTP = true;
      openFirewall = true;
      ports = [
-        45734
+        53864
      ];

      settings = {
--- a/ada/services/pipewire.nix
+++ b/ada/services/pipewire.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    pipewire = {
      enable = true;
@ -25,6 +25,7 @@

      extraConfig = {
        pipewire = {
+          # PIPEWIRE_PROPS=node.force-rate=0
          "92-low-latency" = {
            "context.properties" = {
              "default.clock.rate" = 48000;
--- a/ada/services/resolved.nix
+++ b/ada/services/resolved.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    resolved = {
      enable = true;
--- a/ada/services/scx.nix
+++ b/ada/services/scx.nix
@ -1,8 +1,7 @@
-{...}: {
+_: {
  services = {
    scx = {
      enable = true;
-      # package = pkgs.scx_git.full;
      scheduler = "scx_cosmos";
    };
  };
--- a/ada/services/sunshine.nix
+++ b/ada/services/sunshine.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    sunshine = {
      enable = true;
--- a/ada/services/yggdrasil.nix
+++ b/ada/services/yggdrasil.nix
@ -1,63 +1,10 @@
-{...}: {
+_: {
  services = {
    yggdrasil = {
-      enable = true;
+      enable = false;
      persistentKeys = false;
      settings = {
-        PrivateKey = "${yggKeyPC}";
-
-        Peers = [
-          # Germany :Erm:
-          "tcp://s-fra-0.sergeysedoy97.ru:65533"
-          "tls://s-fra-0.sergeysedoy97.ru:65534"
-          "tcp://x-fra-0.sergeysedoy97.ru:65533"
-          "tls://x-fra-0.sergeysedoy97.ru:65534"
-          "quic://x-fra-0.sergeysedoy97.ru:65535"
-          "tls://helium.avevad.com:13378"
-          "tcp://bode.theender.net:42069"
-          "tls://bode.theender.net:42169?key=f91b909f43829f8b20732b3bcf80cbc4bb078dd47b41638379a078e35984c9a4"
-
-          # Russia
-          "tcp://s-mow-0.sergeysedoy97.ru:65533"
-          "tls://s-mow-0.sergeysedoy97.ru:65534"
-          "tcp://x-mow-0.sergeysedoy97.ru:65533"
-          "tls://x-mow-0.sergeysedoy97.ru:65534"
-          "quic://x-mow-0.sergeysedoy97.ru:65535"
-          "tcp://s-mow-1.sergeysedoy97.ru:65533"
-          "tls://s-mow-1.sergeysedoy97.ru:65534"
-          "tcp://x-mow-1.sergeysedoy97.ru:65533"
-          "tls://x-mow-1.sergeysedoy97.ru:65534"
-          "quic://x-mow-1.sergeysedoy97.ru:65535"
-          "quic://kursk.cleverfox.org:15015"
-          "tls://kursk.cleverfox.org:15015"
-          "ws://kursk.cleverfox.org:15016"
-          "tcp://kzn1.neonxp.ru:7991"
-          "tls://kzn1.neonxp.ru:7992"
-          "ws://kzn1.neonxp.ru:7993"
-          "quic://kzn1.neonxp.ru:7994"
-        ];
-
-        Listen = [
-          #
-        ];
-
-        MulticastInterfaces = [
-          {
-            Regex = ".*";
-            Beacon = true;
-            Listen = false;
-            Password = "";
-          }
-        ];
-
-        AllowedPublicKeys = [
-          #
-        ];
-
-        IfName = "auto";
-
-        IfMTU = 65535;
-        NodeInfoPrivacy = false;
+        # nope
      };
    };
  };
--- a/ada/services/zapret.nix
+++ b/ada/services/zapret.nix
@ -1,145 +0,0 @@
-{...}: {
-  services = {
-    zapret = {
-      enable = true;
-      configureFirewall = true;
-      qnum = 350;
-      params = [
-        "--wssize 1:6"
-
-        "--filter-tcp=80"
-        "--dpi-desync=multisplit"
-        "--dpi-desync-split-pos=10"
-        "--dpi-desync-repeats=6"
-        "--new"
-
-        "--filter-tcp=443"
-        "--dpi-desync=multidisorder"
-        "--dpi-desync-split-pos=1,midsld"
-        "--new"
-
-        "--filter-tcp=443"
-        "--dpi-desync=syndata"
-        "--dpi-desync-fake-syndata=0x00000000"
-        "--dpi-desync-ttl=10"
-        "--new"
-
-        "--filter-udp=443"
-        "--dpi-desync=fake"
-        "--dpi-desync-repeats=6"
-        "--dpi-desync-fake-quic=0x00000000"
-        "--new"
-
-        "--filter-udp=443"
-        "--dpi-desync=fake,udplen"
-        "--dpi-desync-udplen-increment=5"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-cutoff=n3"
-        "--dpi-desync-repeats=2"
-        "--new"
-
-        "--filter-tcp=443"
-        "--dpi-desync=split"
-        "--dpi-desync-fooling=md5sig,badseq"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-split-pos=1"
-        "--dpi-desync-repeats=10"
-        "--new"
-
-        "--filter-tcp=443"
-        "--dpi-desync=fake,split2"
-        "--dpi-desync-fooling=md5sig"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-split-seqovl=2"
-        "--dpi-desync-split-pos=2"
-
-        "--dpi-desync-autottl"
-        "--new"
-        "--filter-tcp=443"
-        "--dpi-desync=fake,split2"
-        "--dpi-desync-fooling=md5sig"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-split-seqovl=2"
-        "--dpi-desync-split-pos=2"
-        "--dpi-desync-autottl"
-        "--new"
-
-        "--filter-tcp=80"
-        "--dpi-desync=fake,split2"
-        "--dpi-desync-fooling=md5sig"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-autottl"
-        "--new"
-
-        "--filter-tcp=80"
-        "--dpi-desync-ttl=1"
-        "--dpi-desync-autottl=2"
-        "--dpi-desync-fake-tls=0x00000000"
-        "--dpi-desync-split-pos=1"
-        "--dpi-desync=fake,split2"
-        "--dpi-desync-repeats=6"
-        "--dpi-desync-fooling=md5sig"
-        "--new"
-      ];
-
-      whitelist = [
-        "googlevideo.com"
-        "youtu.be"
-        "youtube.com"
-        "youtubei.googleapis.com"
-        "googlevideo.com"
-        "youtu.be"
-        "youtube.com"
-        "youtubei.googleapis.com"
-        "youtubeembeddedplayer.googleapis.com"
-        "ytimg.l.google.com"
-        "ytimg.com"
-        "jnn-pa.googleapis.com"
-        "youtube-nocookie.com"
-        "youtube-ui.l.google.com"
-        "yt-video-upload.l.google.com"
-        "wide-youtube.l.google.com"
-        "youtubekids.com"
-        "ggpht.com"
-        "music.youtube.com"
-        "test.googlevideo.com"
-        "discord.com"
-        "gateway.discord.gg"
-        "cdn.discordapp.com"
-        "discordapp.net"
-        "discordapp.com"
-        "discord.gg"
-        "media.discordapp.net"
-        "images-ext-1.discordapp.net"
-        "discord.app"
-        "discord.media"
-        "discordcdn.com"
-        "discord.dev"
-        "discord.new"
-        "discord.gift"
-        "discordstatus.com"
-        "dis.gd"
-        "discord.co"
-        "discord-attachments-uploads-prd.storage.googleapis.com"
-        "7tv.app"
-        "7tv.io"
-        "10tv.app"
-        "x.com"
-        "t.co"
-        "ads-twitter.com"
-        "twimg.com"
-        "twitter.com"
-        "pscp.tv"
-        "twtrdns.net"
-        "twttr.com"
-        "periscope.tv"
-        "tweetdeck.com"
-        "twitpic.com"
-        "twitter.co"
-        "twitterinc.com"
-        "twitteroauth.com"
-        "twitterstat.us"
-      ];
-    };
-  };
-}
--- a/ada/services/zerotier.nix
+++ b/ada/services/zerotier.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  services = {
    zerotierone = {
      enable = true;
--- a/ada/systemd/oomd.nix
+++ b/ada/systemd/oomd.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  systemd = {
    oomd = {
      enable = true;
--- a/ada/systemd/slices/root-slice.nix
+++ b/ada/systemd/slices/root-slice.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  systemd = {
    slices = {
      root = {
--- a/ada/systemd/slices/system-slice.nix
+++ b/ada/systemd/slices/system-slice.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  systemd = {
    slices = {
      system = {
--- a/ada/systemd/slices/user-slice.nix
+++ b/ada/systemd/slices/user-slice.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  systemd = {
    slices = {
      user = {
--- a/ada/time/timeZone.nix
+++ b/ada/time/timeZone.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  time = {
    timeZone = "Europe/Moscow";
    hardwareClockInLocalTime = true;
--- a/ada/users/mutableUsers.nix
+++ b/ada/users/mutableUsers.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  users = {
    mutableUsers = false;
  };
--- a/ada/users/users/hand7s.nix
+++ b/ada/users/users/hand7s.nix
@ -1,15 +1,13 @@
-{...}: {
+_: {
  users = {
    users = {
-      hand7s = {
+      "hand7s" = {
        description = "me";
        isSystemUser = false;
        isNormalUser = true;
        initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/";
        extraGroups = [
          "wheel"
-          "networkmanager"
-          "docker"
        ];
      };
    };
--- a/ada/users/users/root.nix
+++ b/ada/users/users/root.nix
@ -1,7 +1,7 @@
-{...}: {
+_: {
  users = {
    users = {
-      root = {
+      "root" = {
        initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0";
      };
    };
--- a/ada/virtualisation/docker.nix
+++ b/ada/virtualisation/docker.nix
@ -1,10 +0,0 @@
-{...}: {
-  virtualisation = {
-    docker = {
-      enable = true;
-      rootless = {
-        enable = true;
-      };
-    };
-  };
-}
--- a/ada/xdg/icons.nix
+++ b/ada/xdg/icons.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  xdg = {
    icons = {
      enable = true;
--- a/ada/xdg/mime.nix
+++ b/ada/xdg/mime.nix
@ -1,4 +1,4 @@
-{...}: {
+_: {
  xdg = {
    mime = {
      enable = true;
--- a/ada/xdg/portal.nix
+++ b/ada/xdg/portal.nix
@ -5,12 +5,18 @@

      config = {
        common = {
+          "org.freedesktop.impl.portal.FileChooser" = "termfilechooser";
+
          default = [
            "gtk"
          ];
        };

        hyprland = {
+          "org.freedesktop.impl.portal.FileChooser" = [
+            "termfilechooser"
+          ];
+
          preferred = [
            "gtk"
            "hyprland"
@ -22,6 +28,7 @@
        xdg-desktop-portal
        xdg-desktop-portal-gtk
        xdg-desktop-portal-hyprland
+        xdg-desktop-portal-termfilechooser
      ];
    };
  };
--- a/flake.nix
+++ b/flake.nix
@ -617,41 +617,6 @@
            ];
          };
        };
-
-        # deploy-rs
-        deploy = {
-          user = "hand7s";
-          interactiveSudo = true;
-          autoRollback = true;
-          magicRollback = true;
-          remoteBuild = false;
-          sshOpts = [
-            "-p"
-            "6969"
-          ];
-
-          nodes = {
-            "s0mev1rtn0de-nix" = {
-              hostname = "100.109.213.170";
-              profiles = {
-                main = {
-                  path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.s0mev1rtn0de-nix;
-                  profilePath = "/nix/var/nix/profiles/system";
-                };
-              };
-            };
-
-            "s0meMiniPC-nix" = {
-              hostname = "100.109.71.194";
-              profiles = {
-                main = {
-                  path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.s0mev1rtn0de-nix;
-                  profilePath = "/nix/var/nix/profiles/system";
-                };
-              };
-            };
-          };
-        };
      };

      perSystem = {